tengineapache 反向代理理是不是有特殊字符

来源:蜘蛛抓取(WebSpider) 时间:2016-05-17 02:33 标签: 反向代理
Linux(8)
tengine模块
操作前提:
1、安装tomcat
1.1、安装ip为192.168.230.10的主机的tomcat
[root@node1 software]# tar -zxvf apache-tomcat-7.0.61.tar.gz -C /opt/modules
[root@node1 software]# cd /opt/modules/apache-tomcat-7.0.61/webapps/ROOT
[root@node2 ROOT]# vi index.jsp
&h1&Matrix&/h1&
进入tomcat目录
[root@node1 ROOT]# cd /opt/modules/apache-tomcat-7.0.61/bin
启动tomcat
[root@node1 bin]# ./startup.sh
在地址行输入检查页面是否能正常显示:
1.2、安装ip为192.168.230.11的主机的tomcat
[root@node2 software]# tar -zxvf apache-tomcat-7.0.61.tar.gz -C /opt/modules
[root@node2 software]# cd /opt/modules/apache-tomcat-7.0.61/webapps/ROOT
[root@node2 ROOT]# vi index.jsp
&h1&Matrix2&/h1&
[root@node2 ROOT]# cd /opt/modules/apache-tomcat-7.0.61/bin
[root@node2 bin]# ./startup.sh
在地址行输入检查页面是否能正常显示:
2、配置nginx访问禁止允许
2.1、进入tengine的conf目录下
[root@node1 ~]# cd /opt/modules/tengine-2.1.0/conf
2.2、编辑nginx.conf文件
[root@node1 conf]# vi nginx.conf
location / {
deny 192.168.230.10;
allow 192.168.230.0/24;
index.html index.
error_page
500 502 503 504
location = /50x.html {
2.3、查看nginx访问禁止配置是否成功
在地址栏输入:http://192.168.230.10/
在地址栏输入:http://192.168.230.18/
3、配置nginx用户认证
用户认证访问
模块ngx_http_auth_basic_module 允许使用"HTTP基本认证"协议验证用户名和密
码来限制对资源的访问。
location / {
auth_basic "closed site";
auth_basic_user_file /var/
Apache发行包中的htpasswd命令来创建user_file 文件
htpasswd -c -m /var/users username
注:需要安装httpd才可以使用上面命令
3.1、使用yum安装httpd
[root@node1 ~]# yum install httpd
3.2、编辑nginx.conf文件
[root@node1 conf]# vi nginx.conf
location / {
index.html index.
auth_basic "Hello!";
auth_basic_user_file /opt/modules/
error_page
500 502 503 504
location = /50x.html {
location /basic_status {
3.3、Apache发行包中的htpasswd命令来创建user_file 文件
[root@node1 ~]# htpasswd -m -c /opt/modules/htpasswd tom
New password:
Re-type new password:
Adding password for user tom
[root@node1 ~]# cd /opt/modules/tengine-2.1.0/conf
[root@node1 conf]# rm -rf .nginx.conf.swp
3.4、重新加载nginx服务
[root@node1 init.d]# service nginx reload
3.5、在浏览器地址栏中输入:
身份认证成功页面显示:
4、配置nginx访问状态监控
4.1、进入tengine的conf目录
[root@node1 ~]# cd /opt/modules/tengine-2.1.0/conf
4.2、编辑nginx.conf文件
[root@node1 conf]# vi nginx.conf
location / {
index.html index.
location /status {
error_page
500 502 503 504
location = /50x.html {
4.3、在浏览器地址栏中输入:
5、配置nginx反向代理
5.1、进入tengine的conf目录
[root@node1 ~]# cd /opt/modules/tengine-2.1.0/conf
5.2、编辑nginx.conf文件
[root@node1 conf]# vi nginx.conf
location / {
proxy_pass http://192.168.230.11:8080;
error_page
500 502 503 504
location = /50x.html {
5.3、重新加载nginx服务
[root@node1 init.d]# service nginx reload
5.4、在地址行输入检查页面是否能正常显示:
页面显示的是http://192.168.230.11中的内容
6、配置nginx负载均衡
6.1、进入tengine的conf目录
[root@node1 ~]# cd /opt/modules/tengine-2.1.0/conf
前提:保证192.168.230.10:8.230.11:8080都能正常运行
6.2、编辑nginx.conf文件
[root@node1 conf]# vi nginx.conf
upstream sparsematrix {
server 192.168.230.10:8080 weight=1;
server 192.168.230.11:8080 weight=1;
location / {
proxy_pass http://
6.3、重新启动nginx服务
[root@node1 init.d]# service nginx stop
Stopping nginx:
[root@node1 init.d]# service nginx start
Starting nginx:
6.4、在地址行输入检查页面是否能正常显示:
访问一次显示:
在访问一次显示:
7、tengine新增健康检查模块
7.1、进入tengine的conf目录
[root@node1 ~]# cd /opt/modules/tengine-2.1.0/conf
7.2、编辑nginx.conf文件
[root@node1 conf]# vi nginx.conf
upstream sparsematrix {
server 192.168.230.10:8080 weight=1;
server 192.168.230.11:8080 weight=1;
check interval=3000 rise=2 fall=5 timeout=1000 type=
check_http_send "HEAD / HTTP/1.0\r\n\r\n";
check_http_expect_alive http_2xx http_3
location / {
proxy_pass http://
location /status {
7.3、在地址行输入:对tomcat服务器进行健康检查
访问显示两台tomcat都没有响应:
重新启动两台tomcat
再次访问显示两台tomcat运行正常:
参考知识库
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
访问:27890次
积分:1079
积分:1079
排名:千里之外
原创:85篇
(1)(6)(4)(7)(45)(22)有没有人试过在windows环境下:Nginx反向代理Node.js - CNode技术社区
积分: 1755
两.个.轮.子.上.写.代.码
我这边的环境就是windows了:
我的conf文件是这样配置的(主要部分):
server 127.0.0.1:3000;
0.0.0.0:8080;
#charset koi8-r;
#access_log
logs/host.access.
location / {
proxy_pass
http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header X-Real-IP $remote_
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_
proxy_set_header Host $http_
proxy_set_header X-NginX-P
proxy_read_timeout 300s;
当我键入时就是出现not found之类的。我在stackoverflow上也找了一下,但是还是没有解决。
所以在这里希望能得到准确的解答。同时也给以后遇到类似于此问题的同学一个解决的方法。:)
你nginx监听的8080,
恩,是的,我这样试过了,可还是出现了not found 之类的提示。挺郁闷的:(
nginx在windows下可是很不怎么样的, 还是用iis吧
我的 nginx (Tengine) 配置是这样的,运行是成功的,cookie、session什么的也都正常:
location /{
proxy_pass
http://nodejs_upstream/;
location /http-bind/ {
proxy_pass
http://localhost:7070/http-bind/;
upstream nodejs_upstream {
server 127.0.0.1:3000;
用127.0.0.1:8080就可以访问到了,如果你想用:8080访问, 记得在host文件增加一条DNS
upstream nodejs__upstream2 {
server 127.0.0.1:3000;
keepalive 64;
listen 8080;
location / {
proxy_set_header
proxy_set_header
X-Forwarded-For
$proxy_add_x_forwarded_
proxy_set_header
proxy_set_header
proxy_set_header
Connection &&;
proxy_http_version 1.1;
proxy_pass
http://nodejs__upstream2;
需要nginx -s reload,你确保都执行了吗?
恩,是的,这些基本操作我都知道,
但是现在显示的是白屏,是不是环境问题?我为这个问题也纠结了几天了。。
你确定端口已经转向了吗?服务器端有输出么
修改下hosts文件,增加域名和本地ip的一条记录就可以了。
etc下hosts文件加一行 ip 域名~~
用node proxy即可,不需要nginx
曾经试过,真的不建议在windows下用nginx,支持性非常差,不知道最新版的nginx是否已经很好兼容windows了,之前部署就没成功过,而且访问非常慢,后面自己就了linux服务器了
CNode 社区为国内最专业的 Node.js 开源技术社区,致力于 Node.js 的技术研究。
服务器赞助商为
,存储赞助商为
,由提供应用性能服务。
新手搭建 Node.js 服务器,推荐使用无需备案的Categories:
GeoIP白名单
wget /download/geoip/api/c/GeoIP.tar.gz
tar -zxvf GeoIP.tar.gz
cd GeoIP-1.4.6
./configure
make install
使用proxy_cache时增加purge模块
wget /files/ngx_cache_purge-2.1.tar.gz
tar zxvf ngx_cache_purge-2.1.tar.gz
--add-module=../ngx_cache_purge-2.1
后端nginx编译时需加上–with-http_realip_module以获取真实ip,并指定来源
set_real_ip_from& &61.199.67.2; #前端ip
set_real_ip_from& &192.168.0.111;#前端ip
real_ip_header& & &X-Real-IP;
编译安装tengine
jemalloc为编译路径
wget http://tengine.taobao.org/download/tengine-1.5.1.tar.gz
tar zxvf tengine-1.5.1.tar.gz
cd tengine-1.5.1
./configure --user=www --group=website --prefix=/opt/tengine-1.5.1 --add-module=../ngx_cache_purge-2.1 --with-http_stub_status_module --with-http_ssl_module --with-http_realip_module& \
--with-http_concat_module=shared \
--with-http_sysguard_module=shared \
--with-http_limit_conn_module=shared \
--with-http_limit_req_module=shared \
--with-http_footer_filter_module=shared \
--with-http_upstream_ip_hash_module=shared \
--with-http_upstream_least_conn_module=shared \
--with-http_upstream_session_sticky_module=shared \
--with-jemalloc=/root/src/lempelf/packages/jemalloc-3.4.1
make install
cd& /opt/tengine-1.5.1/conf
wget /download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
gunzip GeoIP.dat.gz
chgrp -R website /opt/tengine-1.5.1/conf
chmod -R 764 /opt/tengine-1.5.1/conf
chmod& 774 /opt/tengine-1.5.1/conf
复制原nginx的配制文件于tengine
cd /opt/nginx/conf
cp awstats.conf fcgi.conf htpasswd block.conf nginx.conf /opt/tengine-1.5.1/conf/
检测配置文件
/opt/tengine-1.5.1/sbin/nginx -t -c /opt/tengine-1.5.1/conf/nginx.conf
nginx: [emerg] unknown directive &limit_zone& in /opt/tengine-1.5.1/conf/nginx.conf:71
nginx: [emerg] unknown directive &limit_conn& in /opt/tengine-1.5.1/conf/nginx.conf:136
如果有以上错误,需去掉limit_conn配置,ngx_http_limit_conn_module 模块在新版已使用新指令
增加新的功能
vi /opt/tengine-1.5.1/conf/nginx.conf
根据cpu数量自动设定Tengine的worker进程数量,并进行cpu绑定。
worker_processes& & &
worker_cpu_affinity&
关闭系统信息
ngx_http_sysguard_module
系统过载保护
&& & & &sysguard_load load=10.5 action=/
&& & & &sysguard_mem swapratio=20% action=/
&& & & &sysguard_mem free=100M action=/
&& & & &location /loadlimit {
&& & & & & &return 503;
&& & & &location /swaplimit {
&& & & & & &return 503;
&& & & &location /freelimit {
&& & & & & &return 503;
ngx_http_limit_req_module
并发限制模块
limit_req_zone $binary_remote_addr zone=one:3m rate=1r/s;
&& &limit_req_zone $binary_remote_addr $uri zone=two:3m rate=1r/s;
&& &limit_req_zone $binary_remote_addr $request_uri zone=three:3m rate=1r/s;
&& &location / {
&& & & &limit_req zone=one burst=5;
&& & & &limit_req zone=two forbid_action=@test1;
&& & & &limit_req zone=three burst=3 forbid_action=@test2;
&& &location /off {
&& & & &limit_
&& &location @test1 {
&& & & &rewrite ^ /test1.
&& &location @test2 {
&& & & &rewrite ^& /test2.
删除旧的nginx软链接,给tengine增加软链接
rm /opt/nginx
ln -s /opt/tengine-1.5.1 /opt/nginx
一个完整的nginx.conf
worker_processes& & &
worker_cpu_affinity&
error_log& /var/log/nginx/nginx_error.log&
pid& & & & /dev/shm/nginx.
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;
&& & load ngx_http_footer_filter_module.
&& & load ngx_http_limit_conn_module.
&& & load ngx_http_limit_req_module.
&& & load ngx_http_sysguard_module.
&& & load ngx_http_upstream_ip_hash_module.
&& & load ngx_http_upstream_least_conn_module.
&& & load ngx_http_upstream_session_sticky_module.
&& & worker_connections 51200;
&& & include& & & &mime.
&& & default_type& application/octet-
&& & log_format& access& '$remote_addr - $remote_user [$time_local] &$request& '
& &'$status $body_bytes_sent &$http_referer& '
& &'&$http_user_agent& $http_x_forwarded_for';
&& & open_log_file_cache max=1000 inactive=20s min_uses=2 valid=1m;
&& & server_names_hash_bucket_size 128;
&& & #linux 2.4+
&& & tcp_nopush& & &
&& & #tengine
&& & server_
&& & server_
&& & #server_tag A
&& & server_
&& & server_name_in_
&& & keepalive_timeout 60;
&& & client_header_buffer_size 16k;
&& & client_body_timeout 60;
&& & client_max_body_size 8m;
&& & large_client_header_buffers 4 32k;
&& & fastcgi_intercept_
&& & fastcgi_hide_header X-Powered-By;
&& & fastcgi_connect_timeout 180;
&& & fastcgi_send_timeout 180;
&& & fastcgi_read_timeout 180;
&& & fastcgi_buffer_size 128k;
&& & fastcgi_buffers 4 128K;
&& & fastcgi_busy_buffers_size 128k;
&& & fastcgi_temp_file_write_size 128k;
&& & fastcgi_temp_path /dev/
&& & #open_file_cache max=51200 inactive=20s;
&& & #open_file_cache_valid& & 30s;
&& & #open_file_cache_min_uses 2;
&& & #open_file_cache_errors& &
&& & gzip_min_length& 1k;
&& & gzip_comp_level 5;
&& & gzip_buffers& & &4 16k;
&& & gzip_http_version 1.1;
&& & gzip_types& & & &text/plain application/x-javascript text/css application/
&& & gzip_
&& & limit_req_log_
&& & limit_req_zone $binary_remote_addr $uri zone=two:30m rate=10r/s;
&& & #访问限制白名单
&& & geo $white_ip {
&& & & & &#
&& & & & &default 0;
&& & & & &127.0.0.1/32 1;
&& & & & &182.55.21.28/32 1;
&& & & & &192.168.0.0/16 1;
&& & & & &61.199.67.0/24 1;
&& & client_body_buffer_size& 512k;
&& & proxy_connect_timeout& & 5;
&& & proxy_read_timeout& & & &60;
&& & proxy_send_timeout& & & &5;
&& & proxy_buffer_size& & & & 16k;
&& & proxy_buffers& & & & & & 4 32k;
&& & proxy_busy_buffers_size 64k;
&& & proxy_temp_file_write_size 64k;
&& & #注:proxy_temp_path和proxy_cache_path指定的路径必须在同一分区
&& & proxy_temp_path& &/opt/nginx/proxy_temp_
&& & #设置Web缓存区名称为cache_www,内存缓存空间大小为3000MB,1天没有被访问的内容自动清除,硬盘缓存空间大小为30GB。
&& & proxy_cache_path& /opt/nginx/proxy_cache_www& levels=1:2& &keys_zone=cache_www:3000m inactive=1d max_size=20g;
&& & upstream www_server {
&& & server& &192.168.0.131:80;
&& & server
&& & & & & & listen& & & &80
&& & & & & & server_name& _;
&& & & & & & return 444;
&& & & & & & access_log&
&& & server
&& & & & & & listen& & & &80;
&& & & & & & server_name& ;
&& & & & & & index index.html index.htm index.
&& & & & & & root& /opt/htdocs/
&& & & & & & access_log& /var/log/nginx/proxy..log& access buffer=24k;
if (-d $request_filename){
rewrite ^/(.*)([^/])$ http://$host/$1$2/
& & &limit_req_whitelist geo_var_name=white_ip geo_var_value=1;
&& & & & & & limit_req zone=two burst=50 forbid_action=/visitfrequently.
&& & & & & & location @visitfrequently {
& & & & &rewrite ^ /visitfrequently.
&& & & & & & }
& & &location ~/\.ht {
& & #用于清除缓存,假设一个URL为http://192.168.8.42/test.txt,通过访问http://192.168.8.42/purge/test.txt就可以清除该URL的缓存。
& & location ~ /purge(/.*)
& & &#设置只允许指定的IP或IP段才可以清除URL缓存。
& & &allow& & & & & & 127.0.0.1;
& & &allow& & & & & & 192.168.0.0/16;
& & &deny& & & & & &
& & &proxy_cache_purge& & cache_www& &$host$1$is_args$
& & &error_page 405 =200 /purge$1; #处理squidclient purge的时候出现的405错误
& & if ( $request_method = &PURGE& ) {
& & &rewrite ^(.*)$ /purge$1
& & location /
error_page 502 504 /502.
proxy_set_header Host& $
#proxy_set_header X-Forwarded-For& $remote_
proxy_set_header X-Real-IP $remote_
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_
proxy_pass http://www_
add_header& & & X-Cache& &Cache-S
& & location ~ 404\.html$
proxy_set_header Host& $
#proxy_set_header X-Forwarded-For& $remote_
proxy_set_header X-Real-IP $remote_
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_
proxy_pass http://www_
add_header& & & X-Cache& &Cache-S
&& & & & & & location ~ .*\.(htm|html|)?$
&& & & & & & {
#如果后端的服务器返回502、504、执行超时等错误,自动将请求转发到upstream负载均衡池中的另一台服务器,实现故障转移。
proxy_next_upstream http_502 http_504 error timeout invalid_
proxy_cache cache_
#对不同的HTTP状态码设置不同的缓存时间
proxy_cache_valid& 200 304 5m;
#以域名、URI、参数组合成Web缓存的Key值,Nginx根据Key值哈希,存储缓存内容到二级缓存目录内
proxy_cache_key $host$uri$is_args$
proxy_set_header Host& $
proxy_http_version 1.1;
#proxy_set_header X-Forwarded-For& $remote_
proxy_set_header X-Real-IP $remote_
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_
proxy_pass http://www_
#支持后台expires
proxy_ignore_headers &Cache-Control& &Expires&;
add_header& & & X-Cache& &C
&& & & & & & }
& & &location ~* ^.+\.(jpg|jpeg|gif|png|rar|zip|css|js)$ {
valid_referers none blocked *.;
if ($invalid_referer) {
& & rewrite ^/ /leech.
& & return 412;
&& & & & & & & & access_log& &
#如果后端的服务器返回502、504、执行超时等错误,自动将请求转发到upstream负载均衡池中的另一台服务器,实现故障转移。
proxy_next_upstream http_502 http_504 error timeout invalid_
proxy_cache cache_
#对不同的HTTP状态码设置不同的缓存时间
proxy_cache_valid& 200 304 5m;
#以域名、URI、参数组合成Web缓存的Key值,Nginx根据Key值哈希,存储缓存内容到二级缓存目录内
proxy_cache_key $host$uri$is_args$
proxy_set_header Host& $
proxy_http_version 1.1;
#proxy_set_header X-Forwarded-For& $remote_
proxy_set_header X-Real-IP $remote_
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_
proxy_pass http://www_
#支持后台expires
proxy_ignore_headers &Cache-Control& &Expires&;
add_header& & & X-Cache& &C
启动tengine
/opt/nginx/sbin/nginx
观察了下top降低了许多
===========更新=============
如果负载时大时小可能有io瓶颈,可以将proxy_cache放到/dev/shm 中来解决.(/dev/shm默认为内存一半大小)
创建目录并加入开机执行
mkdir /dev/shm/nginx
vi /etc/rc.local
在nginx启动前加入
mkdir /dev/shm/nginx
修改nginx.conf
proxy_temp_path& &/dev/shm/nginx/proxy_temp_
&& & #设置Web缓存区名称为cache_www,内存缓存空间大小为3000MB,1天没有被访问的内容自动清除,硬盘缓存空间大小为30GB。
&& & proxy_cache_path& /dev/shm/nginx/proxy_cache_www& levels=1:2& &keys_zone=cache_www:3000m inactive=1d max_size=20g;
Posted in .
About C1G军火库
关注互联网、网页设计、Web开发、服务器运维优化、项目管理、网站运营、网站安全…
2016年八月
891011121314
15161718192021
22232425262728基于Tengine的反向代理详细配置_服务器应用_Linux公社-Linux系统门户网站
你好,游客
基于Tengine的反向代理详细配置
来源:Linux社区&
作者:sofar
系统环境:
Linux Enterprise Server 10 SP1 (x86_64)
注:所有软件包都放置在/data/software目录下
nginx_tcp_proxy_module:
/yaoweibin/nginx_tcp_proxy_module&
nginx-hmux-module:
/wangbin579/nginx-hmux-module
ngx_cache_purge:
#---------------------------------------------------------------------------------------------------------------------------------------------
1、内存管理库
# tar -zxvf libunwind-1.0.1.tar.gz
# cd libunwind-1.0.1
# LAGS=-fPIC ./configure --prefix=/usr/local
# make LAGS=-fPIC
# make LAGS=-fPIC install
# tar -zxvf gperftools-2.0.tar.gz
# cd gperftools-2.0
# ./configure --prefix=/usr/local
# make && make install
#---------------------------------------------------------------------------------------------------------------------------------------------
# tar -xvzf pcre-8.32.tar.gz
# cd pcre-8.32
# LAGS=-fPIC ./configure --prefix=/usr/local
# make LAGS=-fPIC
# make LAGS=-fPIC install
#---------------------------------------------------------------------------------------------------------------------------------------------
3、OpenSSL库
# tar xvzf openssl-1.0.1g.tar.gz
# cd openssl-1.0.1g
# ./config shared --prefix=/usr/local
# make && make install
#---------------------------------------------------------------------------------------------------------------------------------------------
4、IP地理位置定位组件
# tar xvzf GeoIP-latest.tar.gz
# cd GeoIP-1.5.0
# ./configure --prefix=/usr/local
# make && make install
#---------------------------------------------------------------------------------------------------------------------------------------------
5、相关目录创建
# mkdir -p /data/nginx_temp/{nginx_client,nginx_proxy,nginx_fastcgi,nginx_temp,nginx_cache}
# mkdir -p /data/logs/{nginx,web} /data/web/{data,conf}
#---------------------------------------------------------------------------------------------------------------------------------------------
6、Tengine编译安装
# tar xvzf nginx-hmux-module-1.3.tar.gz
# tar xvzf nginx_tcp_proxy_module-0.4.5.tar.gz
# tar xvzf tengine-1.5.2.tar.gz
# cd tengine-1.5.2
# patch -p1 & ../nginx_tcp_proxy_module-0.4.5/tcp.patch
# ./configure --prefix=/usr/local/nginx \
--lock-path=/var/lock/nginx.lock \
--pid-path=/var/run/nginx.pid \
--error-log-path=/data/logs/nginx/error.log \
--http-log-path=/data/logs/nginx/access.log \
--user=nobody \
--group=nogroup \
--with-pcre=../pcre-8.32 \
--with-pcre-opt=-fPIC \
--with-openssl=../openssl-1.0.1g \
--with-openssl-opt=-fPIC \
--with-backtrace_module \
--with-http_stub_status_module \
--with-http_gzip_static_module \
--with-http_realip_module \
--with-http_concat_module=shared \
--with-http_sysguard_module=shared \
--with-http_limit_conn_module=shared \
--with-http_limit_req_module=shared \
--with-http_split_clients_module=shared \
--with-http_footer_filter_module=shared \
--with-http_geoip_module=shared \
--with-http_sub_module=shared \
--with-http_access_module=shared \
--with-http_upstream_ip_hash_module=shared \
--with-http_upstream_least_conn_module=shared \
--with-http_referer_module=shared \
--with-http_rewrite_module=shared \
--with-http_memcached_module=shared \
--with-http_upstream_session_sticky_module=shared \
--with-http_addition_module=shared \
--with-http_xslt_module=shared \
--with-http_image_filter_module=shared \
--with-http_user_agent_module=shared \
--with-http_empty_gif_module=shared \
--with-http_browser_module=shared \
--with-google_perftools_module \
--with-http_map_module=shared \
--with-http_userid_filter_module=shared \
--with-http_charset_filter_module=shared \
--with-http_trim_filter_module=shared \
--with-http_lua_module=shared \
--without-http_fastcgi_module \
--without-http_uwsgi_module \
--without-http_scgi_module \
--without-select_module \
--without-poll_module \
--add-module=../nginx-hmux-module-1.3 \
--add-module=../nginx_tcp_proxy_module-0.4.5 \
--with-ld-opt='-ltcmalloc_minimal' \
--http-client-body-temp-path=/data/nginx_temp/nginx_client \
--http-proxy-temp-path=/data/nginx_temp/nginx_proxy \
--http-fastcgi-temp-path=/data/nginx_temp/nginx_fastcgi
# make && make install
#---------------------------------------------------------------------------------------------------------------------------------------------
7、Tengine缓存刷新模块
# cd /data/software
# tar xvzf ngx_cache_purge-2.0.tar.gz
# ./dso_tool --add-module=/data/software/ngx_cache_purge-2.0
#---------------------------------------------------------------------------------------------------------------------------------------------
8、Tengine配置
# rm -f /usr/local/nginx/html/*.html
# rm -f /usr/local/nginx/conf/*.default
# mkdir /usr/local/nginx/conf/SET
# vim /usr/local/nginx/conf/nginx.conf
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
worker_cpu_
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
error_log /data/logs/nginx/error.
pid /var/run/nginx.
google_perftools_profiles /var/tmp/
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
worker_rlimit_nofile 65535;
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & load ngx_http_rewrite_module.
& & load ngx_http_access_module.
& & load ngx_http_concat_module.
& & load ngx_http_limit_conn_module.
& & load ngx_http_limit_req_module.
& & load ngx_http_sysguard_module.
& & load ngx_http_upstream_session_sticky_module.
& & load ngx_http_cache_purge_module.
& & load ngx_http_trim_filter_module.
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & worker_connections 10240;
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & server_
& & server_
& & access_
& & include mime.
& & default_type application/octet-
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & server_names_hash_bucket_size 128;
& & client_header_buffer_size 32k;
& & large_client_header_buffers 4 32k;
& & client_max_body_size 10m;
& & client_body_buffer_size 256k;
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & keepalive_timeout 60;
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & gzip_min_length 1k;
& & gzip_buffers 4 16k;
& & gzip_http_version 1.0;
& & gzip_comp_level 2;
& & gzip_types text/plain application/x-javascript text/css application/
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & proxy_connect_timeout 600;
& & proxy_read_timeout 600;
& & proxy_send_timeout 600;
& & proxy_buffer_size 128k;
& & proxy_buffers 4 128k;
& & proxy_busy_buffers_size 256k;
& & proxy_temp_file_write_size 256k;
& & proxy_headers_hash_max_size 1024;
& & proxy_headers_hash_bucket_size 128;
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & proxy_
& & proxy_set_header Host $
& & proxy_set_header X-Real-IP $remote_
& & proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & proxy_temp_path /data/nginx_temp/nginx_
& & proxy_cache_path /data/nginx_temp/nginx_cache levels=1:2 keys_zone=cache_one:2048m inactive=30m max_size=60g;
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & # backend web server address pool
& & include SET/*.
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & log_format access '$remote_addr - $remote_user [$time_local] "$request"'
& & & & '$status $body_bytes_sent "$http_referer"'
& & & & '"$http_user_agent" $http_x_forwarded_for';
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & # system resource overload protect
& & server {
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & & & sysguard_load load=10.5 action=/
& & & & sysguard_mem swapratio=20% action=/
& & & & sysguard_mem free=100M action=/
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & & & location /loadlimit {
& & & & & & return 503;
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & & & location /swaplimit {
& & & & & & return 503;
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & & & location /freelimit {
& & & & & & return 503;
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & # refuse request server by ipaddr
& & server {
& & & & server_name _;
& & & & return 404;
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & # web page cache and proxy setting
& & include /data/web/conf/*.
# vim /usr/local/nginx/conf/SET/NORTH1.conf
upstream NORTH1_SERVER_PROXY {
& & consistent_hash $request_
& & server 192.168.1.101:80 weight=1;
& & server 192.168.1.102:80 weight=1;
& & server 192.168.1.103:80 weight=1;
& & server 192.168.1.104:80 weight=1;
& & session_
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & check interval=3000 rise=2 fall=5 timeout=1000 type=
& & check_http_send "GET / HTTP/1.0\r\n\r\n";
& & check_http_expect_alive http_2xx http_3
# mkdir -p /data/logs/web/
# vim /data/web/conf/.conf
& & listen 80;
& & server_
& & index index.html index.htm index.
& & root /data/nginx_temp/nginx_
& & access_
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & location / {
& & & & proxy_next_upstream http_500 http_502 http_503 http_504 error timeout invalid_
& & & & proxy_pass http://NORTH1_SERVER_PROXY;
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & & & #存在静态首页时,才需添加此规则
& & & & if (-d $request_filename) {
& & & & & & rewrite ^/(.*)$ http://$host/index.
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & location ~ .*\. (php)?$ {
& & & & proxy_next_upstream http_500 http_502 http_503 http_504 error timeout invalid_
& & & & proxy_pass http://NORTH1_SERVER_PROXY;
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & location ~ /purge(/.*) {
& & & & allow 127.0.0.1;
& & & & allow 192.168.1.0/24;
& & & & proxy_cache_purge cache_one $host$1$is_args$
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & location ~ .*\.(htm|html|js|css|gif|jpg|jpeg|png|bmp|ico|swf|flv)$ {
& & & & proxy_next_upstream http_500 http_502 http_503 http_504 error timeout invalid_
& & & & proxy_cache cache_
& & & & proxy_cache_valid 200 304 15m;
& & & & proxy_cache_valid 301 302 10m;
& & & & proxy_cache_valid any 1m;
& & & & proxy_cache_key $host$uri$is_args$
& & & & add_header Ten-webcache '$upstream_cache_status from $host';
& & & & proxy_pass http://NORTH1_SERVER_PROXY;
& & & & expires 30m;
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & location ~ /\.ht {
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & access_log /data/logs/web//access.
#---------------------------------------------------------------------------------------------------------------------------------------------
9、Tengine启动脚本
# vim /etc/init.d/nginx
# nginx - this script start and stop the nginx daemon
# chkconfig:
# description: Startup script for nginx
# processname: nginx
# config: /usr/local/nginx/conf/nginx.conf
# pidfile: /var/run/nginx.pid
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
DAEMON=/usr/local/nginx/sbin/nginx
CONFIGFILE=/usr/local/nginx/conf/nginx.conf
PIDFILE=/var/run/nginx.pid
SCRIPTNAME=/etc/init.d/nginx
LOCKFILE=/var/lock/nginx.lock
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
[ -x "$DAEMON" ] || exit 0
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & echo "Startting Nginx......"
& & [ -x $DAEMON ] || exit 5
& & [ -f $CONFIGFILE ] || exit 6
& & $DAEMON -c $CONFIGFILE || echo -n "Nginx already running!"
& & [ $? -eq 0 ] && touch $LOCKFILE
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & echo "Stopping Nginx......"
& & MPID=`ps aux | grep nginx | awk '/master/{print $2}'`
& & if [ "${MPID}X" != "X" ]; then
& & & & kill -QUIT $MPID
& & & & [ $? -eq 0 ] && rm -f $LOCKFILE
& & & & echo "Nginx server is not running!"
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
reload() {
& & echo "Reloading Nginx......"
& & MPID=`ps aux | grep nginx | awk '/master/{print $2}'`
& & if [ "${MPID}X" != "X" ]; then
& & & & kill -HUP $MPID
& & & & echo "Nginx can't reload!"
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
case "$1" in
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & reload
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & sleep 1
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & echo "Usage: $SCRIPTNAME {start|stop|reload|restart}"
& & exit 3
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
# chmod +x /etc/init.d/nginx
# chkconfig --add nginx
# service nginx start
#---------------------------------------------------------------------------------------------------------------------------------------------
10、Tengine健康检测
# mkdir -p /data/web/data/mycheckweb.
# echo "OK" & /data/web/data/mycheckweb./index.html
# echo "你的内网IP& & mycheckweb." && /etc/hosts
# touch /var/lock/check_web.lock
#vim /data/web/conf/checkweb_for_nginx.conf
& & listen 80;
& & server_name mycheckweb.;
& & access_
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & location / {
& & & & root /data/web/data/mycheckweb.;
& & & & index index.
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
& & location ~ health_status {
& & & & check_
& & & & allow 127.0.0.1;
& & & & allow 192.168.1.0/24;
# vim /usr/local/nginx/sbin/check_web.sh
#!/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
retval=`ping -c 3 mycheckweb. | awk '/received/ {print $4}'`
[[ ${retval} -eq 0 ]] && exit 1
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
retval=`curl -I -s "http://mycheckweb." | grep "200 OK"`
if [[ "${retval}x" = "x" ]]; then
& & [[ -e /usr/local/nginx ]] && /sbin/service nginx restart &/dev/null 2&&1
#chmod +x /usr/local/nginx/sbin/check_web.sh
# crontab -e
*/5 * * * * (flock --timeout=0 /var/lock/check_web.lock /usr/local/nginx/sbin/check_web.sh &/dev/null 2&&1)
#---------------------------------------------------------------------------------------------------------------------------------------------
11、Tengine访问日志切割与清理
# vim /usr/local/nginx/sbin/cut_nginx_log.sh
#!/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
## the nginx access logs base path
WEBLOG_PATH="/data/logs/web"
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
retval=`ps aux | grep ngin[x] | wc -l`
if [ ${retval} -eq 0 ]; then
& & echo "The daemon process for nginx has no found."
& & exit 1
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
## avoid errors for USR1 signal, and modify 750 privilege
chown -R nobody:nogroup /data/logs/{nginx,web}
chmod -R 750 /data/logs/{nginx,web}
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
## cut nginx access logs
for LOGFILE in `find ${WEBLOG_PATH} -type f -name access.log`
& & LOGPATH=`dirname ${LOGFILE}`
& & mv ${LOGPATH}/access.log ${LOGPATH}/access_$(date -d "yesterday" +"%Y-%m-%d").log
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
kill -USR1 `ps aux | grep nginx | awk '/master/{print $2}'`
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
## and then modify original privileges
chown -R nobody:nogroup /data/logs/{nginx,web}
chmod -R 640 /data/logs/{nginx,web}
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
## clear 10 days ago's nginx access logs
LOGFILE=access_$(date -d "10 days ago" +"%Y-%m-%d").log
find ${WEBLOG_PATH} -type f -name ${LOGFILE} -exec rm -f {} \;
# crontab -e
00 00 * * * /bin/bash /usr/local/nginx/sbin/cut_nginx_log.sh &/dev/null 2&&1
#---------------------------------------------------------------------------------------------------------------------------------------------
12、系统优化
##网络参数设置
# vim /etc/sysctl.conf
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1200
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
net.ipv4.ip_local_port_range =
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 80000
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
net.core.somaxconn = 32768
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_keepalive_intvl = 20
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max =
net.core.wmem_max =
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
net.ipv4.tcp_rmem =
net.ipv4.tcp_wmem =
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
net.core.netdev_max_backlog = 32768
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_retries2 = 5
& & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & & &
net.ipv4.tcp_mem = 40
net.ipv4.tcp_max_orphans = 3276800
fs.file-max = 1300000
# sysctl -p
## 文件描述符设置
# echo "ulimit -SHn 65535" && /etc/profile
# source /etc/profile
#---------------------------------------------------------------------------------------------------------------------------------------------
本地HOSTS绑定访问
http://mycheckweb./health_status
相关阅读:
6.4制作Tengine的rpm包
Tengine动态开启模块试用
CentOS 6.3用ICC编译PHP5.4.8+Percona5.5.27+Tengine1.4.1
基于淘宝Tengine和Scribe的WEB日志收集方案
基于Tengine部署LNMP环境
Tengine 的详细介绍:Tengine 的下载地址:
本文永久更新链接地址:
相关资讯 & & &
& (10/29/:06)
& (09/15/:54)
& (12/30/:32)
& (09/15/:30)
& (04/27/:48)
图片资讯 & & &
   同意评论声明
   发表
尊重网上道德,遵守中华人民共和国的各项有关法律法规
承担一切因您的行为而直接或间接导致的民事或刑事法律责任
本站管理人员有权保留或删除其管辖留言中的任意内容
本站有权在网站内转载或引用您的评论
参与本评论即表明您已经阅读并接受上述条款

我要回帖

更多关于 反向代理 的文章

 

随机推荐